How your PHP application can get hacked, and how to prevent that from happening?

You’ve probably heard about XSS, SQL Injection, and RCE. Very few developers out there have witnessed first-hand what exploiting any of the mentioned vulnerabilities looks like, and therefore don’t necessarily understand the consequences that having such vulnerabilities in your application can have. In this talk, we’ll exploit some commonly known vulnerabilities (OWASP top 10) and misconfigurations that can occur to a PHP application running on a Linux based host. By learning to think like a hacker you’ll be able to develop more secure applications with PHP, and to keep yourself, your clients, and your users’ data safe.

This presentation consists of security concept theory sections from PHP developers' point-of-view and a lot of hands-on demonstrations. At the end of the presentation, we go through a set of concrete action steps to secure our applications from the vulnerabilities we learned about earlier.

Antti Rossi flag

Antti Rossi

CTO @ Jobilla